ConfigServer firewall (CSF) is a popular Linux firewall security suite that is often used because of its simplicity. CSF is easy to install, has flexible configuration settings and includes extra checks to secure. CSF helps your server control exactly how much traffic is allowed in and out of the server. This protects your server from malicious attacks.  It can also specify the type of traffic that comes in.

The CSF installation includes control panel user interface available via WHM and login failure daemon process (lfd). CSF will run this process periodically to scan the latest log file entries for login attempts that continually fail within a short period of time. Such attempts are often called “Brute-force attacks” and the daemon process responds very quickly to such patterns and blocks offending IPs quickly. By doing so CSF can avert malicious activity away from your server, keeping your information safe.

Note: To skip to command-line instructions navigate to the end of this article.

Log into your server via ssh or via console begin your CSF installation.

Change to temp directory:

 # cd /tmp


Download the file:

# wget

Unpack the archive:

# tar xfz csf.tgz


Navigate to the uncompressed csf directory:

# cd csf

Run the installer:

# sh

This will create a configuration file and add all required cPanel services to the allow list.

Your next step is to disable testing mode by editing main CSF configuration file. Open the file using any editor (vi, nano, etc):

# nano /etc/csf/csf.conf

Scroll down and find: TESTING = “1” and change to TESTING = “0”

Note: Keep the quotations (“”) enclosing the number when making changes.

To save, press ‘Ctrl O’.

Hit ‘Enter’ when your screen asks “File Name to Write: /etc/csf/csf.conf”.

Next, hit ‘Ctrl X’ to exit.

When done, restart CSF:

# csf -r


Now CSF is installed and ready. You can simply manage it via cPanel WHM interface

WHM > Config Security & Firewall.OR via command-line:


In the event that you need to allow/block IP address using command line, the options are as follows:

To add your IP address to a permanent allow list:

# csf -a

To block the IP:

# csf -d


To clear blocked IPs:

# csf -f

Additional Options:

Via Command line you can type: csf -[option]

Commands to know:

cd = change directory

cd ../ = change up a directory

wget  = fetches a download link

tar  = tar is to uncompress archived files

csf = run commands for the csf firewall followed by an option

ls = list, which shows the contents in the directory you’re in.

pwd = shows the directory you’re currently in.

For more information about CSF, see:

For more information about Basic linux Commands








  • No labels